Information security analytics

On July 28 Russian President Vladimir Putin signed the bill “On personal data” into law. According to analysts at InfoWatch, maintaining the confidentiality of personal information outlined in the new law will require some investments from businesses.

A bag containing a laptop computer and a printout of personal data belonging to 350 US Agricultural Department workers was stolen and later returned, though someone had obviously rummaged through the case. Experts at InfoWatch point out that many organizations only begin to worry about their private data after such incidents.

A Morgan Stanley insider has been charged with stealing confidential information and sending it to his home e-mail account. The charges include accusations of acting in unison with an unnamed co-conspirator to steal the company’s client list and rate list. Despite the fact that the insiders were detected, experts at InfoWatch point out that the company’s corporate secrets were still compromised.

Russia’s senators have approved the law “On information, information technologies and the protection of information.” According to experts at InfoWatch, when combined with the law “On personal data”, the new law should create a civilized environment for the exchange and storage of digital data.

A new concept for the PCAOB’s Auditing Standard No. 2 for measuring the effectiveness of internal controls could partially or completely exempt small businesses from section 404 of SOX. Analysts at InfoWatch believe the authorities have simply pressured the SEC into editing the audit standard.

The upper house of the Russian parliament has approved the law “On personal data” that will regulate the gathering and use of the population’s private details. According to experts at InfoWatch, despite the fact that the new law promises to create some extra expenses for business, its adoption is undoubtedly a big step towards protecting people’s personal information.

A laptop computer containing private data on 280 students has been stolen from a University of Iowa professor. The university said it was likely to be the last incident of its kind, because it was introducing a new student ID system. However, experts at InfoWatch doubt that the university can avoid similar breaches in the future.

IT infrastructure requirements are not explicitly written down in the Basel II Accord, though, according to experts at InfoWatch, meeting the provisions of Basel II in full demands a substantial modernization of a bank’s data systems.

In the latest data breach to hit the US military the private details of 100,000 servicemen were freely accessible on the Internet for over six months. Experts at InfoWatch stress that such leaks will continue to affect commercial and military organizations until managers acknowledge the need to incorporate systems that protect against insiders.

The toughest financial regulator in the US – the NASD – has compromised private data following a theft from one of its offices. The regulator had tried to cover up the leak by making no mention of the incident. According to experts at InfoWatch, some of the more recent data breaches have affected exactly those organizations that are, by definition, meant to have exemplary safeguards against leaks. Such incidents will continue to occur until federal, regulatory and other authoritative organizations implement effective systems to protect against leaks.